Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Nikos Mavrogiannopoulos
On Thu, 2015-09-24 at 18:26 +0300, Ilari Liusvaara wrote: > On Thu, Sep 24, 2015 at 04:03:28PM +0200, Nikos Mavrogiannopoulos > wrote: > > On Thu, 2015-09-24 at 15:27 +0300, Ilari Liusvaara wrote: > > > > > 4) For TLS PoP signatures, does it make sense to use HashEdDSA at > > > all? > > > Another

Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Ilari Liusvaara
On Thu, Sep 24, 2015 at 04:03:28PM +0200, Nikos Mavrogiannopoulos wrote: > On Thu, 2015-09-24 at 15:27 +0300, Ilari Liusvaara wrote: > > > 4) For TLS PoP signatures, does it make sense to use HashEdDSA at > > all? > > Another way would to always use PureEdDSA and perform hash separtion > > from TL

Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Blumenthal, Uri - 0553 - MITLL
Josefsson Cc: tls@ietf.org Subject: Re: [TLS] Updated EdDSA/Ed25519 PKIX document On Thu, 2015-09-24 at 15:27 +0300, Ilari Liusvaara wrote: > 4) For TLS PoP signatures, does it make sense to use HashEdDSA at > all? > Another way would to always use PureEdDSA and perform hash separtion > f

Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Nikos Mavrogiannopoulos
On Thu, 2015-09-24 at 15:27 +0300, Ilari Liusvaara wrote: > 4) For TLS PoP signatures, does it make sense to use HashEdDSA at > all? > Another way would to always use PureEdDSA and perform hash separtion > from TLS side (e.g. sign(privkey, hash_func_id|H(tbs_data))). > The certificate signatures a

Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Ilari Liusvaara
On Wed, Sep 23, 2015 at 10:33:29AM +0200, Simon Josefsson wrote: > Hi all, > > I have pushed out a new version of the document describing EdDSA public > keys, signatures and certificates for PKIX. The change in -03 include > the addition of the prehash mode, test vectors generated by GnuTLS, and

Re: [TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-24 Thread Simon Josefsson
"Manger, James" writes: > Hi Simon, two technical typos: > > The example cert in 8.2 has the wrong OID for the signature. > Cert has { 1 3 101 100 1 } [encoding 06 04 2B656401] > Text has { 1 3 101 101 } [encoding 06 03 2B6565] for id-EdDSASignature Hi James. Good catch -- I believe that is

[TLS] Updated EdDSA/Ed25519 PKIX document

2015-09-23 Thread Simon Josefsson
Hi all, I have pushed out a new version of the document describing EdDSA public keys, signatures and certificates for PKIX. The change in -03 include the addition of the prehash mode, test vectors generated by GnuTLS, and a section recommending certain human readable names. https://tools.ietf.or